comparison ajax.php @ 66:230aacc22cb4

Move some functions to site lib.
author Matti Hamalainen <ccr@tnsp.org>
date Sat, 05 Oct 2013 17:59:24 +0300
parents e85ed35585fc
children 699f6db022d9
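--- a/ajax.php
+++ b/ajax.php
@@ -32,37 +32,10 @@
 {
 return "<input type=\"submit\" value=\" Save \" />\n";
 }
 
 
-function setStatus($val, $msg)
-{
-global $statusSet;
-if (!$statusSet)
-{
-header("Status: ".$val." ".$msg);
-}
-$statusSet = TRUE;
-}
-
-
-function execSQLCond($sql, $okmsg)
-{
-if (($res = stExecSQL($sql)) !== FALSE)
-{
-if ($okmsg != "")
-setStatus(200, $okmsg);
-return $res;
-}
-else
-{
-setStatus(900, "Error in SQL execution.");
-return FALSE;
-}
-}
-
-
 // XMLHttp responses
 $action = "ERROR";
 if (stChkRequestItem("action") && stChkRequestItem("type"))
 {
 $action = $_REQUEST["action"];
@@ -74,11 +47,11 @@
 {
 case "dump":
 //
 // Perform generic data dump
 //
-if (($res = execSQLCond(
+if (($res = stExecSQLCond(
 "SELECT * FROM attendees WHERE email NOT NULL AND email != '' ORDER BY regtime DESC",
 "Dump OK.")) !== FALSE)
 {
 $out1 = array();
 $out2 = array();
@@ -205,11 +178,11 @@
 }
 
 //
 // Perform query if we need to, output results
 //
-if (isset($sql) && ($res = execSQLCond($sql, "")) !== FALSE)
+if (isset($sql) && ($res = stExecSQLCond($sql, "")) !== FALSE)
 {
 if ($type == "news")
 {
 foreach ($res as $item)
 {
@@ -292,35 +265,35 @@
 $id = intval(stGetRequestItem("id"));
 
 if ($type == "news")
 {
 $sql = stPrepareSQL("DELETE FROM news WHERE id=%d AND persist=0", $id);
-execSQLCond($sql, "OK, news item ".$id." deleted.");
+stExecSQLCond($sql, "OK, news item ".$id." deleted.");
 }
 else
 if ($type == "attendees")
 {
 // Attendees require some more work
 $sql = stPrepareSQL("DELETE FROM attendees WHERE id=%d", $id);
-execSQLCond($sql, "OK, attendee ".$id." deleted.");
+stExecSQLCond($sql, "OK, attendee ".$id." deleted.");
 
 $sql = stPrepareSQL("DELETE FROM votes WHERE voter_id=%d", $id);
-execSQLCond($sql, "OK, attendee ".$id." votes deleted.");
+stExecSQLCond($sql, "OK, attendee ".$id." votes deleted.");
 }
 else
 if ($type == "entries")
 {
 // .. as do compo entries
 $sql = stPrepareSQL("DELETE FROM entries WHERE id=%d", $id);
-execSQLCond($sql, "OK, entry ".$id." deleted.");
+stExecSQLCond($sql, "OK, entry ".$id." deleted.");
 
 $sql = stPrepareSQL("DELETE FROM votes WHERE entry_id=%d", $id);
-execSQLCond($sql, "OK, entry ".$id." votes deleted.");
+stExecSQLCond($sql, "OK, entry ".$id." votes deleted.");
 }
 }
 else
-setStatus(901, "No ID specified.");
+stSetStatus(901, "No ID specified.");
 break;
 
 case "add":
 //
 // Add new entry
@@ -330,45 +303,45 @@
 {
 $sql = stPrepareSQL(
 "INSERT INTO news (utime,title,text,author) VALUES (%d,%S,%Q,%S)",
 time(), "title", "text", "author");
 
-execSQLCond($sql, "OK, news item added.");
+stExecSQLCond($sql, "OK, news item added.");
 }
 else
 if ($type == "compo" && stChkRequestItem("name") &&
 stChkRequestItem("description"))
 {
 $sql = stPrepareSQL(
 "INSERT INTO compos (name,description,visible,voting,showAuthors) VALUES (%S,%Q,0,0,0)",
 "name", "description");
 
-execSQLCond($sql, "OK, compo added.");
+stExecSQLCond($sql, "OK, compo added.");
 }
 else
 if ($type == "attendees" && stChkRequestItem("name") &&
 stChkRequestItem("groups") && stChkRequestItem("email") &&
 stChkRequestItem("oneliner"))
 {
 $sql = stPrepareSQL(
 "INSERT INTO attendees (regtime,name,groups,oneliner,email) VALUES (%d,%S,%S,%S,%S)",
 time(), "name", "groups", "oneliner", "email");
 
-execSQLCond($sql, "OK, attendee added.");
+stExecSQLCond($sql, "OK, attendee added.");
 }
 else
 if ($type == "entry" && stChkRequestItem("name") &&
 stChkRequestItem("author") && stChkRequestItem("compo_id"))
 {
 $sql = stPrepareSQL(
 "INSERT INTO entries (name,author,compo_id,filename) VALUES (%S,%S,%D,%S)",
 "name", "author", "compo_id", "filename");
 
-execSQLCond($sql, "OK, entry added.");
+stExecSQLCond($sql, "OK, entry added.");
 }
 else
-setStatus(902, "No data.");
+stSetStatus(902, "No data.");
 break;
 
 case "update":
 //
 // Update existing entry
@@ -383,11 +356,11 @@
 "email" => "S",
 "oneliner" => "S",
 "active" => "B",
 ));
 
-execSQLCond($sql, "OK, attendee updated.");
+stExecSQLCond($sql, "OK, attendee updated.");
 }
 else
 if ($type == "news" && stChkRequestItem("id") &&
 stChkRequestItem("text") && stChkRequestItem("author") &&
 stChkRequestItem("title"))
@@ -398,11 +371,11 @@
 "title" => "S",
 "text" => "Q",
 "author" => "S"
 ));
 
-execSQLCond($sql, "OK, news item updated.");
+stExecSQLCond($sql, "OK, news item updated.");
 }
 else
 if ($type == "compo" && stChkRequestItem("id") &&
 stChkRequestItem("name") && stChkRequestItem("description") &&
 stChkRequestItem("visible") && stChkRequestItem("voting") &&
@@ -416,11 +389,11 @@
 "visible" => "B",
 "voting" => "B",
 "showAuthors" => "B",
 ));
 
-execSQLCond($sql, "OK, compo updated.");
+stExecSQLCond($sql, "OK, compo updated.");
 }
 else
 if ($type == "entry" && stChkRequestItem("id") &&
 stChkRequestItem("name") && stChkRequestItem("author") &&
 stChkRequestItem("compo_id"))
@@ -432,11 +405,11 @@
 "author" => "S",
 "filename" => "S",
 "compo_id" => "D",
 ));
 
-execSQLCond($sql, "OK, entry updated.");
+stExecSQLCond($sql, "OK, entry updated.");
 }
 else
 if ($type == "settings")
 {
 foreach (stExecSQL("SELECT * FROM settings") as $item)
@@ -450,18 +423,18 @@
 case VT_STR: $vsql = stPrepareSQL("vstr=%s", $val); break;
 case VT_TEXT: $vsql = stPrepareSQL("vtext=%s", $val); break;
 }
 
 $sql = "UPDATE settings SET ".$vsql." WHERE key=".$db->quote($item["key"]);
-execSQLCond($sql, "OK, setting updated.");
+stExecSQLCond($sql, "OK, setting updated.");
 }
 }
 else
-stSetStatus(902, "No data.");
+stSetStatus(902, "No data.");
 break;
 
 default:
-setStatus(404, "Not Found");
+stSetStatus(404, "Not Found");
 break;
 }
 
 ?>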
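Review bot: In the delete branch, the "attendees" and "entries" cases each run two `stExecSQLCond()` calls back to back (new lines 276–280 and 286–290), and a failure of the second one is probably never reported to the client. The removed `setStatus()` emitted a header only on its first call, so if the relocated `stSetStatus()` keeps that guard, a failed `DELETE FROM votes` after a successful first delete still answers with the 200 "deleted" status and leaves orphaned vote rows. Gate the second statement on the first result, e.g. `if (stExecSQLCond($sql, "") !== FALSE)`, pass the OK message only on the final statement, and ideally run both deletes inside one transaction. The library side of this move is not shown on this page, so the guard behaviour should be confirmed there.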